Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method for secured communication of data packets by a data gateway in a mobile broadband network environment, the method comprising: receiving one or more data packets intended for a mobile station from a packet data network; encrypting the one or more data packets to be transmitted from the data gateway to the mobile station using one or more security keys established at the data gateway for secured communication with the mobile station; and transmitting the encrypted one or more data packets to the mobile station via a plurality of base stations connected to the data gateway, wherein the one or more security keys established at the data gateway are continuously used while the mobile station communicates with at least one base station among the plurality of base stations connected to the data gateway, wherein the one or more security keys established at the data gateway are generated based on an identifier of the mobile station and an identifier of the data gateway, and wherein data packets encrypted at the data gateway using the one or more security keys established at the data gateway can be decrypted only by the mobile station.
A data gateway in a mobile network secures data packets sent to a mobile station. It receives data packets from a network, encrypts them using security keys established specifically for communication with that mobile station, and sends the encrypted packets through base stations to the mobile station. These keys are continually used as long as the mobile station is connected to the data gateway, regardless of the base station it's currently using. The keys are created based on the identifiers of both the mobile station and the data gateway, ensuring only the intended mobile station can decrypt the data.
2. The method of claim 1 , wherein the encrypting of the one or more data packets comprises: receiving one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generating an authentication and authorization key using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; generating the one or more security keys for encrypting the data packets using the authentication and authorization key; and encrypting the one or more data packets using the one or more security keys.
To encrypt data packets, the data gateway receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. Using the mobile station's identifier, the data gateway's identifier, and the PMK/MSK, an authentication and authorization key is generated. This authorization key is then used to generate the specific security keys used to encrypt the data packets before transmission to the mobile station via the base stations.
3. The method of claim 1 , wherein the encrypting of the one or more data packets comprises: receiving an authentication and authorization key for generating the one or more security keys from an authenticator; generating the one or more security keys for encrypting the one or more data packets using the authentication and authorization key; and encrypting the one or more data packets using the one or more security keys.
To encrypt data packets, the data gateway receives an authentication and authorization key from an authenticator. This authentication key is used to generate the specific security keys which are used to encrypt the data packets before transmission to the mobile station through the base stations.
4. The method of claim 1 , wherein the encrypting of the one or more data packets comprises: receiving one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generating the one or more security keys for encrypting the one or more data packets using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; and encrypting the one or more data packets using the one or more security keys.
To encrypt data packets, the data gateway receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. Using the mobile station's identifier, the data gateway's identifier, and the PMK/MSK, the security keys are generated. These security keys are then used to encrypt the data packets before transmission to the mobile station via the base stations.
5. The method of claim 1 , wherein the encrypting of the one or more data packets using the one or more security keys comprises: applying one of a privacy protection and an integrity protection to the one or more data packets using the one or more security keys received from an authenticator.
The data gateway secures data packets by using one or more security keys received from an authenticator to apply either privacy protection or integrity protection, or both, to the packets before sending them to the mobile station.
6. A data gateway comprising: a transceiver; and a processor coupled to the transceiver, wherein the transceiver is configured to receive one or more data packets intended for a mobile station from a packet data network, wherein the processor is configured to encrypt the one or more data packets to be transmitted from the data gateway to the mobile station using one or more security keys established at the data gateway for secured communication with the mobile station, wherein the transceiver is configured to transmit the encrypted one or more data packets to the mobile station via a plurality of base stations connected to the data gateway, wherein the one or more security keys established at the data gateway are continuously used while the mobile station communicates with at least one base station among the plurality of base stations connected to the data gateway, wherein the one or more security keys established at the data gateway are generated based on an identifier of the mobile station and an identifier of the data gateway, and wherein data packets encrypted at the data gateway using the one or more security keys established at the data gateway can be decrypted only by the mobile station.
A data gateway includes a transceiver and a processor. The transceiver receives data packets for a mobile station from a packet data network. The processor encrypts these packets using security keys established at the data gateway for secure communication with the mobile station. The transceiver then transmits the encrypted packets to the mobile station via multiple base stations. The security keys are continuously used while the mobile station communicates, and they are generated based on the identifiers of the mobile station and the data gateway, so only the mobile station can decrypt them.
7. The data gateway of claim 6 , wherein the processor is further configured to: receive one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generate an authentication and authorization key using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; generate the one or more security keys for encrypting the one or more data packets using the authentication and authorization key; and encrypt the one or more data packets using the one or more security keys.
The data gateway's processor receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. It generates an authentication and authorization key using the identifiers of the mobile station and data gateway, along with the PMK/MSK. The processor then generates the data encryption keys using the authentication and authorization key and encrypts the packets with the generated security keys for transmission.
8. The data gateway of claim 6 , wherein the processor is further configured to: receive one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generate the one or more security keys for encrypting the one or more data packets using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; and encrypt the one or more data packets using the one or more security keys.
The data gateway's processor receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. The processor generates the data encryption keys using the identifiers of the mobile station and data gateway, along with the PMK/MSK. The processor then encrypts the data packets using these generated security keys.
9. A method for processing data packets by a data gateway in a mobile broadband network environment, the method comprising: receiving one or more encrypted data packets from a mobile station via a plurality of base stations connected to the data gateway; decrypting the encrypted one or more data packets from the mobile station using one or more security keys established at the data gateway for secured communication with the mobile station; and transmitting the decrypted one or more data packets to the packet data network, wherein the one or more security keys established at the data gateway are continuously used while the mobile station communicates with at least one base station among the plurality of base stations connected to the data gateway, wherein the one or more security keys established at the data gateway are generated based on an identifier of the mobile station and an identifier of the data gateway, and wherein the encrypted one or more data packets received from the mobile station can be decrypted only by using the one or more security keys established at the data gateway.
A data gateway receives encrypted data packets from a mobile station via multiple base stations. It decrypts these packets using security keys established specifically for communication with that mobile station. The decrypted packets are then transmitted to the packet data network. The same security keys are continuously used as long as the mobile station communicates with the data gateway, regardless of which base station is in use. The keys are generated based on the mobile station and data gateway identifiers, ensuring only the data gateway can decrypt packets encrypted by the mobile station.
10. The method of claim 9 , wherein the decrypting of the encrypted one or more data packets comprises: receiving one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generating an authentication and authorization key using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; generating the one or more security keys for decrypting the one or more encrypted data packets using the authentication and authorization key; and decrypting the encrypted one or more data packets using the one or more security keys.
To decrypt data packets, the data gateway receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. Using the mobile station's identifier, the data gateway's identifier, and the PMK/MSK, an authentication and authorization key is generated. This authorization key is used to generate the decryption keys used to decrypt the data packets.
11. The method of claim 9 , wherein the decrypting of the encrypted one or more data packets comprises: receiving an authentication and authorization key for generating the one or more security keys from an authenticator; generating the one or more security keys for decrypting the encrypted data packets using the authentication and authorization key; and decrypting the encrypted one or more data packets using the one or more security keys.
To decrypt encrypted data packets from a mobile station, the data gateway receives an authentication and authorization key from an authenticator. The gateway generates the decryption keys for the encrypted data packets using this authorization key and then decrypts the data packets using these generated keys.
12. The method of claim 9 , wherein the decrypting of the encrypted one or more data packets comprises: receiving one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generating the one or more security keys for decrypting the encrypted one or more data packets using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; and decrypting the encrypted one or more data packets using the one or more security keys.
To decrypt data packets, the data gateway receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. Using the mobile station's identifier, the data gateway's identifier, and the PMK/MSK, the decryption keys are generated. The gateway then decrypts the data packets using these generated keys.
13. The method of claim 9 , wherein decrypting the encrypted one or more data packets using the one or more security keys comprises: applying one of a privacy protection and an integrity protection to the data packets using the one or more security keys received from an authenticator.
The data gateway decrypts data packets from the mobile station, using one or more security keys received from an authenticator, by applying either privacy protection or integrity protection to the data packets.
14. A data gateway comprising: a transceiver; and a processor coupled to the transceiver, wherein the transceiver is configured to receive one or more encrypted data packets from a mobile station via a plurality of base stations connected to the data gateway, wherein the processor is configured to decrypt the encrypted one or more data packets from the mobile station using one or more security keys established at the data gateway for secured communication with the mobile station, wherein the transceiver is configured to transmit the decrypted one or more data packets to the packet data network, wherein the one or more security keys established at the data gateway are continuously used while the mobile station communicates with at least one base station among the plurality of base stations connected to the data gateway, wherein the one or more security keys established at the data gateway are generated based on an identifier of the mobile station and an identifier of the data gateway, and wherein the encrypted one or more data packets received from the mobile station can be decrypted only by using the one or more security keys established at the data gateway.
A data gateway includes a transceiver and a processor. The transceiver receives encrypted data packets from a mobile station via multiple base stations. The processor decrypts the data packets using security keys established at the data gateway for secure communication with the mobile station. The transceiver then transmits the decrypted packets to the packet data network. These security keys are continuously used while the mobile station is communicating, and they are generated based on the identifiers of the mobile station and the data gateway, allowing only the data gateway to decrypt the mobile station's encrypted data.
15. The data gateway of claim 14 , wherein the processor is further configured to: receive one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generate an authentication and authorization key using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; generate the one or more security keys for decrypting the encrypted one or more data packets using the authentication and authorization key; and decrypt the encrypted one or more data packets using the one or more security keys.
The data gateway's processor receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. It generates an authentication and authorization key using the identifiers of the mobile station and data gateway, along with the PMK/MSK. The processor then generates the decryption keys using the authentication and authorization key, and decrypts the packets with the generated security keys.
16. The data gateway of claim 14 , wherein the processor is further configured to: receive an authentication and authorization key for generating the one or more security keys from an authenticator; generate the one or more security keys for decrypting the encrypted data packets using the authentication and authorization key; and decrypt the encrypted one or more data packets using the one or more security keys.
The data gateway's processor receives an authentication and authorization key from an authenticator. The processor generates decryption keys for decrypting the encrypted packets using this authentication key. The processor then decrypts the encrypted data packets using these generated security keys.
17. The data gateway of claim 14 , wherein the processor is further configured to: receive one of a pair wise master key (PMK) and a master session key (MSK) from an authenticator; generate the one or more security keys for decrypting the encrypted one or more data packets using the identifier of the mobile station, the identifier of the data gateway, and one of the PMK and the MSK; and decrypt the encrypted one or more data packets using the one or more security keys.
The data gateway's processor receives a Pairwise Master Key (PMK) or Master Session Key (MSK) from an authenticator. The processor generates the decryption keys using the identifiers of the mobile station and data gateway, along with the PMK/MSK. The processor then decrypts the data packets using these generated security keys.
18. The data gateway of claim 14 , wherein the processor is further configured to: apply one of a privacy protection and an integrity protection to the one or more data packets using the one or more security keys received from an authenticator.
The data gateway's processor decrypts data packets from the mobile station by applying either privacy protection or integrity protection to the data packets using security keys received from an authenticator.
19. A method for secured communication by a mobile station in a mobile broadband network environment, the method comprising: generating a packet comprising one of a control message and a data packet; encrypting the packet to be transmitted from the mobile station to a data gateway using one or more data security keys established at the mobile station for secured communication of data packets with the data gateway if the packet comprises the data packet, wherein the one or more data security keys are generated at the mobile station for the data gateway; encrypting the packet to be transmitted from the mobile station to a base station using one or more control security keys established at the mobile station for secured communication of control messages with the base station if the packet comprises the control message, wherein the one or more control security keys are generated at the mobile station for the base station; and transmitting the encrypted packet carrying the one of the control message and the data packet to the base station, wherein the one or more data security keys established at the mobile station for secured communication of data packets with the data gateway are continuously used while the mobile station communicates with at least one base station among a plurality of base stations connected to the data gateway, wherein the one or more data security keys established at the mobile station for secured communication of data packets with the data gateway are generated based on an identifier of the mobile station and an identifier of the data gateway, wherein the one or more control security keys established at the mobile station for secured communication of control messages with the base station are generated based on the identifier of the mobile station and an identifier of the base station, wherein data packets encrypted using the one or more data security keys established at the mobile station for secured communication of data packets with the data gateway can be decrypted only by the data gateway, and wherein control messages encrypted using the one or more control security keys established at the mobile station for secured communication of control messages with the base station can be decrypted only by the base station.
A mobile station secures communication by encrypting packets before transmission. If a packet contains data, it's encrypted using data security keys established for communication with the data gateway, based on the identifiers of the mobile station and the data gateway. If a packet contains a control message, it's encrypted using control security keys established for communication with the base station, based on the identifiers of the mobile station and the base station. The encrypted packet is then sent to the base station. The data security keys remain in use as long as the mobile station is connected to the data gateway. Only the data gateway can decrypt data packets, and only the base station can decrypt control messages.
20. The method of claim 19 , wherein the encrypting of the packet comprises: generating a data authentication and authorization key using the identifier of the mobile station, the identifier of the data gateway, and one of a pair wise master key (PMK) and a master session key (MSK); generating the one or more data security keys for encrypting the packet carrying the data packet using the data authentication and authorization key; and encrypting the packet using the one or more data security keys.
To encrypt a packet, the mobile station generates a data authentication and authorization key using the identifiers of the mobile station and the data gateway, along with a Pairwise Master Key (PMK) or Master Session Key (MSK). This authorization key is used to generate the specific data security keys to encrypt the data packet before transmission.
21. The method of claim 19 , wherein the encrypting of the packet comprises: generating the one or more data security keys for encrypting the packet carrying the data packet using the identifier of the mobile station, the identifier of the data gateway, and one of a pairwise master key (PMK) and a master session key (MSK); and encrypting the packet using the one or more data security keys.
To encrypt a packet, the mobile station generates data security keys using the identifiers of the mobile station and the data gateway, along with a Pairwise Master Key (PMK) or Master Session Key (MSK). These data security keys are then used to encrypt the packet containing the data packet for transmission.
22. The method of claim 19 , wherein the encrypting of the packet using the one or more data security keys comprises: applying at least one of a privacy protection and an integrity protection to the packet carrying the data packet using the one or more data security keys.
The mobile station applies either privacy protection or integrity protection, or both, to a data packet before transmission to the data gateway, by using the established data security keys to encrypt the packet.
23. The method of claim 19 , wherein the encrypting of the packet comprises: generating a control authentication and authorization key using the identifier of the mobile station, one of an identifier of a master base station and an identifier of a cloud cell associated with the mobile station, and one of a pair wise master key (PMK) and a master session key (MSK); generating one or more control security keys for encrypting the packet carrying the control message using the control authentication and authorization key; and encrypting the packet using the one or more control security keys.
To encrypt a packet containing a control message, the mobile station generates a control authentication and authorization key using the mobile station's identifier, an identifier of either the master base station or a cloud cell associated with the mobile station, and a Pairwise Master Key (PMK) or Master Session Key (MSK). Control security keys are generated using the control authentication and authorization key, and the packet containing the control message is encrypted using these keys before transmission.
24. The method of claim 19 , wherein the encrypting of the packet comprises: generating a control authentication and authorization key for respective base stations in a cloud cell using the identifier of the mobile station, an identifier of the respective base stations in a cloud cell associated with the mobile station, and one of a pair wise master key (PMK) and a master session key (MSK); generating one or more control security keys for encrypting the packet carrying the control message using the control authentication and authorization key; and encrypting the packet using the one or more control security keys.
To encrypt a control message, the mobile station generates a control authentication and authorization key for each base station within a cloud cell. This key uses the mobile station's identifier, the identifier of each base station in the cloud cell, and a Pairwise Master Key (PMK) or Master Session Key (MSK). From these keys, control security keys are generated for encrypting the control message before it is transmitted.
25. The method of claim 19 , wherein the encrypting of the packet using the one or more control security keys comprises: applying at least one of a privacy protection and an integrity protection to the packet carrying the control message using the one or more control security keys.
The mobile station applies either privacy protection or integrity protection, or both, to the packet containing the control message by using the established control security keys for encryption.
26. A mobile station comprising: a processor configured to: generate a packet comprising one of a control message and a data packet, encrypt the packet to be transmitted from the mobile station to a data gateway using one or more data security keys established at the mobile station for secured communication of data packets with the data gateway if the packet comprises the data packet, wherein the one or more data security keys are generated for the data gateway, and encrypt the packet to be transmitted from the mobile station to a base station using one or more control security keys established at the mobile station for secured communication of control messages with the base station if the packet comprises the control message, wherein the one or more control security keys are generated for the base station; and a transceiver configured to transmit the encrypted packet carrying the one of the control message and the data packet to the base station, wherein the one or more data security keys established at the mobile station for secured communication of data packets with the data gateway are continuously used while the mobile station communicates with at least one base station among a plurality of base stations connected to the data gateway, wherein the one or more data security keys established at the mobile station for secured communication of data packets with the data gateway are generated based on an identifier of the mobile station and an identifier of the data gateway, wherein the one or more control security keys established at the mobile station for secured communication of control messages with the base station are generated based on the identifier of the mobile station and an identifier of the base station, wherein data packets encrypted using the one or more data security keys established at the mobile station for secured communication of data packets with the data gateway can be decrypted only by the data gateway, and wherein control messages encrypted using the one or more control security keys established at the mobile station for secured communication of control messages with the base station can be decrypted only by the base station.
A mobile station includes a processor and a transceiver. The processor generates a packet (either data or control). If data, it encrypts the packet using data security keys for the data gateway (based on mobile station and data gateway identifiers). If a control message, it encrypts the packet using control security keys for the base station (based on mobile station and base station identifiers). The transceiver sends the encrypted packet to the base station. The data security keys remain active as long as the mobile station communicates with the data gateway via the base stations. The data gateway can decrypt data packets, and the base station can decrypt control messages.
27. The mobile station of claim 26 , wherein the processor is further configured to: generate a data authentication and authorization key using the identifier of the mobile station, the identifier of the data gateway, and one of a pair wise master key (PMK) and a master session key (MSK); generate the one or more data security keys for encrypting the packet carrying the data packet using the data authentication and authorization key; and encrypt the packet using the one or more data security keys.
The mobile station's processor generates a data authentication and authorization key using the identifiers of the mobile station and the data gateway, along with a Pairwise Master Key (PMK) or Master Session Key (MSK). From this authorization key, data security keys are generated to encrypt the data packet.
28. The mobile station of claim 26 , wherein the processor is further configured to: generate the one or more data security keys for encrypting the packet carrying the data packet using the identifier of the mobile station, the identifier of the data gateway, and one of a pair wise master key (PMK) and a master session key (MSK); and encrypt the packet using the one or more data security keys.
The mobile station's processor generates data security keys using the identifiers of the mobile station and the data gateway, along with a Pairwise Master Key (PMK) or Master Session Key (MSK). The generated keys are used to encrypt the packet containing the data packet.
29. The mobile station of claim 26 , wherein the processor is further configured to: generate a control authentication and authorization key using the identifier of the mobile station, one of an identifier of a master base station and an identifier of a cloud cell associated with the mobile station, and one of a pair wise master key (PMK) and a master session key (MSK); generate one or more control security key for encrypting the packet carrying the control message using the control authentication and authorization key; and encrypt the packet using the one or more control security keys.
The mobile station's processor generates a control authentication and authorization key using the mobile station's identifier, either the master base station identifier or the cloud cell identifier, and a Pairwise Master Key (PMK) or Master Session Key (MSK). The control security key is generated using the control authorization key, and then the packet containing the control message is encrypted.
30. The mobile station of claim 26 , wherein the processor is further configured to: generate a control authentication and authorization key for respective base stations in a cloud cell using the identifier of the mobile station, an identifier of the respective base stations in the cloud cell associated with the mobile station, and one of a pair wise master key (PMK) and a master session key (MSK); generate one or more control security keys for encrypting the packet carrying the control message using the control authentication and authorization key; and encrypt the packet using the one or more control security keys.
The mobile station's processor generates control authentication and authorization keys for each base station in a cloud cell, using the mobile station's identifier, the identifier of each base station, and a Pairwise Master Key (PMK) or Master Session Key (MSK). These keys are used to generate control security keys for encrypting the packet containing the control message.
31. A method for processing packets by a base station in a mobile broadband network environment, the method comprising: receiving an encrypted packet from a mobile station; decrypting the encrypted packet using one or more control security keys established at the base station for secured communication with the mobile station if the encrypted packet comprises a control message; and transmitting the encrypted packet to a data gateway if the encrypted packet comprises a data packet, wherein the data packet is encrypted by the mobile station based on one or more data security keys established at the mobile station for secured communication of data packets with the data gateway, and wherein the one or more data security keys established at the mobile station are continuously used while the mobile station communicates with at least one base station among a plurality of base stations connected to the data gateway.
A base station receives an encrypted packet from a mobile station. If the packet contains a control message, the base station decrypts it using control security keys established for communication with that mobile station. If the packet contains a data packet, the base station forwards the *encrypted* packet to the data gateway. The data packet is encrypted by the mobile station using data security keys established for communication with the data gateway. These data security keys remain active as long as the mobile station communicates with the data gateway, even when using different base stations.
32. The method of claim 31 , wherein the decrypting of the encrypted packet comprises: generating a control authentication and authorization key using an identifier of the mobile station, an identifier of the base station, and one of a pair wise master key (PMK) and a master session key (MSK); generating the one or more control security keys for decrypting the packet comprising the control message using the control authentication and authorization key; and decrypting the encrypted packet using the one or more control security keys.
To decrypt the control message, the base station generates a control authentication and authorization key using the identifiers of the mobile station and the base station, and a Pairwise Master Key (PMK) or Master Session Key (MSK). From this authorization key, the control security keys are generated which are used to decrypt the control message.
33. The method of claim 31 , wherein the transmitting of the encrypted packet to the data gateway comprises: transmitting the encrypted packet comprising the data packet to the data gateway via a master base station if the base station receiving the encrypted packet from the mobile station comprises a slave base station; and transmitting the encrypted packet comprising the control message to a master base station if the base station receiving the encrypted packet comprises a slave base station so that the master base station decrypts the encrypted packet using one or more control security keys established at the master base station.
If the base station receiving the encrypted packet is a slave base station, the encrypted data packet is sent to the data gateway *via* a master base station. If the base station is a slave, the encrypted control message is sent to the master base station so that the master station can decrypt it using its own control security keys.
34. A base station comprising: a transceiver; and a processor coupled to the transceiver, wherein the transceiver is configured to receive an encrypted packet transmitted from a mobile station to the base station, wherein the processor is configured to decrypt the encrypted packet using one or more control security keys established at the mobile station for secured communication with the base station if the encrypted packet comprises a control message, and wherein the transceiver is configured to transmit the encrypted packet to a data gateway if the encrypted packet comprises a data packet, wherein the data packet is encrypted by the mobile station based on one or more data security keys established at the mobile station for secured communication of data packets with the data gateway, and wherein the one or more data security keys established at the mobile station are continuously used while the mobile station communicates with at least one base station among a plurality of base stations connected to the data gateway.
A base station includes a transceiver and a processor. The transceiver receives an encrypted packet from a mobile station. The processor decrypts the packet *only if* it contains a control message, using control security keys established for communication with that mobile station. If the packet contains a data packet, the transceiver forwards the *encrypted* packet to the data gateway. The data packet is encrypted by the mobile station using data security keys established for communication with the data gateway, which remain active as long as the mobile station is communicating.
35. The base station of claim 34 , wherein in the transmitting of the encrypted packet to the data gateway, the transceiver is configured to transmit the encrypted packet comprising the data packet to the data gateway via a master base station if the base station receiving the encrypted packet from the mobile station comprises a slave base station, and wherein the transceiver is configured to transmit the encrypted packet comprising the control message to the master base station if the base station receiving the encrypted packet comprises the slave base station so that the master base station decrypts the encrypted packet using one or more control security keys established at the master base station.
When a slave base station receives a data packet from the mobile station, the transceiver forwards the *encrypted* data packet to the data gateway *via* the master base station. When a slave base station receives an encrypted control message from the mobile station, the transceiver forwards it to the master base station. The master base station then decrypts the control message using *its* control security keys.
Unknown
October 24, 2017
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.